Patentable/Patents/US-11265249
US-11265249

Method for using authenticated requests to select network routes

PublishedMarch 1, 2022
Assigneenot available in USPTO data we have
Inventorsnot available in USPTO data we have
Technical Abstract

The present invention enables the selection of network routes based on a combination of traditional route table entries, identity policy information, and trust level information determined dynamically for each network session. This enables a network operator to apply different policies to network entities presenting differing identity credentials. It also allows network operators to block access to networks and network resources when identity credentials are not provided or are unauthorized.

Patent Claims
9 claims

Legal claims defining the scope of protection, as filed with the USPTO.

1

1. A method performed by a group of devices comprising the steps of: providing a network; providing a network resource; said network resource being connected to said network; said network resource including an address; providing a Trust Router; said Trust Router being connected to said network; said Trust Router including a route table; said route table having at least one route table entry to a network resource; providing a network client; said network client being connected to said network; conveying, by said network client, a resource request over said network to said Trust Router; said resource request including the address of said network resource; said resource request containing an authentication object; said authentication object including identity information; providing an Identity Policy Group; said Identity Policy Group being located within said Trust Router; providing a Trust Level; said Trust Level being received by said Trust Router; using said identity in said authentication object to authenticate said network client; using, by said Trust Router, said authentication object to determine an Identity Policy Group and said Trust Level; selecting a route table entry that matches the destination address of said resource request and that matches said Identity Policy Group and that matches said Trust Level; identifying, by said Trust Router, a forwarding table entry that matches said destination address of said resource request and said Identity Policy Group and said Trust Level; conveying, by said trust router, said resource request to said network resource via a next hop information in said selected route table entry; and using said Identity Policy Group and said destination address to select a route for said resource request to said address of said network resource.

2

2. The method as recited in claim 1 , in which: said resource request is a TCP-SYN packet.

3

3. The method as recited in claim 1 , in which: said authentication object contained in said resource request is a statistical object.

4

4. The method as recited in claim 1 , in which: said resource request is an IP packet.

5

5. The method as recited in claim 1 , in which: said Trust Level is employed for the purpose of changing access to network resources without changing route table entries.

6

6. A method comprising the steps of: providing a network; providing a network resource; said network resource being connected to said network; said network resource including an address; providing a Trust Router; said Trust Router being connected to said network; said Trust Router including a route table; said route table including a plurality of route table entries; each of said route table entries including an Identity Policy Group and a Trust Level; providing a network client; said network client being connected to said network; conveying, by said network client, a resource request over said network to said Trust Router; said resource request containing an authentication object; and including a destination address; said authentication object including identity information; using, by said Trust Router, said authentication object to authenticate said network client and determining the associated Identity Policy Group and said associated Trust Level; determining that none of said plurality of route table entries in said route table matches said destination address of said resource request and matches said Identity Policy Group and matches said Trust Level; and discarding said resource request.

7

7. The method as recited in claim 6 , in which: said resource request is a TCP-SYN packet.

8

8. The method as recited in claim 6 , in which: said authentication object contained in said resource request is a statistical object.

9

9. The method as recited in claim 6 , in which: said resource request is a IP packet.

Classification Codes (CPC)

Cooperative Patent Classification codes for this invention. Click any code to explore related patents in that topic.

Patent Metadata

Filing Date

October 15, 2018

Publication Date

March 1, 2022

Want to explore more patents?

Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.

Citation & reuse

Analysis on this page is generated by Patentable — an AI-powered patent intelligence platform. AI-generated summaries, explanations, and analysis may be reused with attribution and a visible link back to the canonical URL below. Patent abstracts and claims are USPTO public domain.

Cite as: Patentable. “Method for using authenticated requests to select network routes” (US-11265249). https://patentable.app/patents/US-11265249

© 2026 Patentable. All rights reserved.

Patentable is a research and drafting-assistant tool, not a law firm, and does not provide legal advice. Documents we generate are drafts for review by a licensed patent attorney.